Bruce Bigelow of Xconomy wrote the piece below about CyberHive, for which AIS is a founding sponsor.
San Diego Opens CyberHive to Incubate Cybersecurity Startups
A cybersecurity initiative that began in San Diego several years ago has taken an interesting turn, with the formation of a new technology incubator for seed-stage companies developing new ways to defend computer networks, software, and data from malicious attacks.
The incubator, called CyberHive San Diego, is modeled after a similar cybersecurity accelerator at bwtech@UMBC, the University of Maryland’s Baltimore center for innovation and entrepreneurship. The Maryland CyberHive is within 15 miles of the National Security Agency at Fort Meade, and includes a “Cync” program created under a partnership with Northrop Grumman to develop technologies for protecting IT systems vital to national defense.
The San Diego CyberHive is intended to help cybersecurity and analytics startups refine their business plans, identify investors, and prepare to bring their products to market, founder Darin Andersen told me by telephone yesterday. Andersen, a former top executive in San Diego for the anti-virus developer Eset, said the push to create the incubator grew out of efforts to raise public awareness about Internet threats and to make cybersecurity a focus among defense contractors in the area.
The CyberHive plans to provide office space for about 20 seed-level startups, along with other resources—such as access to “sandbox” computer systems where malicious software can be safely analyzed. Each startup admitted to the cybersecurity incubator would pay a subsidized pro rata share for their office space—and provide an ownership stake in the company that ranges from a fraction of a percent to about 5 percent of the startup company.
Anderson, who now heads U.S. operations for Norman, a Norwegian developer of malware analysis and security software, said the CyberHive will cohabit space in a downtown office building with Norman’s North American headquarters.
The CyberHive also could provide a startup from $50,000 to $200,000 in seed funding—in exchange for an ownership stake that would range from 20 to 40 percent, Andersen said.
“We are putting together a $2 million fund from a mix of sources, including private and corporate investors interested in funding either particular companies or new cybersecurity technologies—which is a very hot field at the moment,” Andersen said. While nothing has been finalized, the funding sources would likely receive 80 percent of any gains generated from a startup investment, with 20 percent going to the non-profit CyberHive. “We are reviewing the correct legal structure for this arrangement,” he said.
In concept, the CyberHive sounds much like other tech incubators that have spun out scores of successful consumer Web startups.
Yet it’s hard to see how an incubator focused on cybersecurity, which typically involves secretive technology and tight security, could emulate the freewheeling culture of collaboration and innovation found at consumer Web incubators like TechStars and Y Combinator. (In general, incubators that invest in startups also take an ownership stake that is substantially smaller than 40 percent.)
Bob Slapin, who stepped down recently as director of the non-profit industry group Software San Diego, told me he declined to participate in the CyberHive effort, saying, “I just didn’t think it would be the right model.” Slapin added he wishes the CyberHive well, saying, “I certainly hope I’m wrong.”
Andersen noted that the CyberHive is working closely with other tech organizations in San Diego, especially Connect, the non-profit program in innovation and entrepreneurship. It’s clear, however, that Andersen and other supporters are positioning the CyberHive to take advantage of the escalating threat from a deluge of cyber-attacks—a trend that President Obama highlighted just a few days ago in his State of the Union speech.
“We know hackers steal people’s identities and infiltrate private e-mails,” the President said Tuesday. “We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems… That’s why, earlier today, I signed a new executive order that will strengthen our cyber defenses by increasing information sharing, and developing standards to protect our national security, our jobs, and our privacy. Now, Congress must act as well, by passing legislation to give our government a greater capacity to secure our networks and deter attacks.”
The President’s order, which directs the Commerce Department to work with industry to develop best practices for cybersecurity, could serve as a catalyst for R&D work in San Diego—and the CyberHive would be eligible to receive federal funding, Andersen said. The CyberHive has established partnerships with Cybersecurity leaders in Maryland (Mike Jacobs, the first information assurance director for the National Security Agency is on Andersen’s board of advisors), and the CyberHive has been working with other partners to target potential opportunities for federal grants and contracts.
“There could be opportunities to combine efforts around specific, hard problems that the government is trying to solve,” Andersen said.
Ultimately, the success of the new CyberHive incubator will depend on the caliber of the mentors who have the hands-on responsibility of working with the startup companies, said Brant Cooper, who works with Web startups through the San Diego Tech Founders networking group. Andersen agreed it is a key task, and said he has recruited mentors like Brian Nugent, executive chairman of the local IT services provider Accelerate IT, and Lin McClure, a cybersecurity entrepreneur who co-founded San Diego Research Center Inc., a wireless defense company.
“Cyber security is a fundamental issue facing every industry, every level of the government and individuals,” said Mark Kohlheim, a defense industry executive serving as CyberHive’s interim executive director. “With the wealth of ideas, innovation, academic institutions as well as industry and government support within the San Diego region, it makes sense that San Diego should have a cyber security incubator and be at the epicenter of this critical need.”